Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7807 matches found

RedHat Linux
RedHat Linuxadded 2018/12/03 5:32 p.m.0 views

kubernetes: authentication/authorization bypass in the handling of non-101 responses

A privilege escalation vulnerability exists in OpenShift Container Platform which allows for compromise of pods running co-located on a compute node. This access could include access to all secrets, pods, environment variables, running pod/container processes, and persistent volumes, including in...

9.8CVSS7.4AI score0.86978EPSS
Exploits10References6
RedHat Linux
RedHat Linuxadded 2018/12/03 5:31 p.m.4 views

kubernetes: authentication/authorization bypass in the handling of non-101 responses

A privilege escalation vulnerability exists in OpenShift Container Platform which allows for compromise of pods running co-located on a compute node. This access could include access to all secrets, pods, environment variables, running pod/container processes, and persistent volumes, including in...

9.8CVSS7.4AI score0.86978EPSS
Exploits10References6
RedHat Linux
RedHat Linuxadded 2018/12/03 5:26 p.m.3 views

kubernetes: authentication/authorization bypass in the handling of non-101 responses

A privilege escalation vulnerability exists in OpenShift Container Platform which allows for compromise of pods running co-located on a compute node. This access could include access to all secrets, pods, environment variables, running pod/container processes, and persistent volumes, including in...

9.8CVSS7.4AI score0.86978EPSS
Exploits10References6
Exploit DB
Exploit DBadded 2018/11/29 12:0 a.m.45 views

WebKit JSC - BytecodeGenerator::hoistSloppyModeFunctionIfNecessary Does not Invalidate the 'ForInContext' Object

/ This is simillar to issue 1263 . When hoisting a function onto the outer scope, if it overwrites the iteration variable for a for-in loop it should invalidate the corresponding ForInContext object, but it doesn't. As a result, an arbitrary object can be passed as the property variable to the...

7.4AI score
Exploits0
Oracle linux
Oracle linuxadded 2018/11/28 12:0 a.m.117 views

qemu security update

15:3.0.0-1.el7 - net: ignore packet size greater than INTMAX Jason Wang Orabug: 28763782 CVE-2018-17963 - pcnet: fix possible buffer overflow Jason Wang Orabug: 28763774 CVE-2018-17962 - rtl8139: fix possible out of bound access Jason Wang Orabug: 28763765 CVE-2018-17958 - ne2000: fix possible ou...

10CVSS0.93838EPSS
Exploits23
RedHat Linux
RedHat Linuxadded 2018/11/20 3:15 a.m.3 views

kubernetes: authentication/authorization bypass in the handling of non-101 responses

A privilege escalation vulnerability exists in OpenShift Container Platform which allows for compromise of pods running co-located on a compute node. This access could include access to all secrets, pods, environment variables, running pod/container processes, and persistent volumes, including in...

9.8CVSS7.4AI score0.86978EPSS
Exploits10References6
RedHat Linux
RedHat Linuxadded 2018/11/20 3:15 a.m.44 views

Critical: Red Hat Security Advisory: OpenShift Container Platform 3.10 security update

An update is now available for Red Hat OpenShift Container Platform 3.10. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

9.8CVSS7.3AI score0.86978EPSS
Exploits10References4
RedHat Linux
RedHat Linuxadded 2018/11/20 3:11 a.m.4 views

kubernetes: authentication/authorization bypass in the handling of non-101 responses

A privilege escalation vulnerability exists in OpenShift Container Platform which allows for compromise of pods running co-located on a compute node. This access could include access to all secrets, pods, environment variables, running pod/container processes, and persistent volumes, including in...

9.8CVSS7.4AI score0.86978EPSS
Exploits10References6
RedHat Linux
RedHat Linuxadded 2018/11/20 3:11 a.m.3 views

kubernetes: authentication/authorization bypass in the handling of non-101 responses

A privilege escalation vulnerability exists in OpenShift Container Platform which allows for compromise of pods running co-located on a compute node. This access could include access to all secrets, pods, environment variables, running pod/container processes, and persistent volumes, including in...

9.8CVSS7.4AI score0.86978EPSS
Exploits10References6
Lenovo
Lenovoadded 2018/11/14 6:56 p.m.87 views

Insecure Handling of UEFI Variables - US

Lenovo Security Advisory: LEN-23850 Potential Impact: Elevation of Privilege, Denial of service Severity: Medium Scope of Impact: Industry-wide Summary Description: Intel has reported to Lenovo that the BIOS reference code supplied for certain CPUs may permit an attacker to alter certain UEFI...

2.8AI score
Exploits0
OSV
OSVadded 2018/11/11 9:9 p.m.8 views

MGASA-2018-0439 Updated ansible package fixes security vulnerabilities

It was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacker's control, allowing to run arbitrary code as a result CVE-2018-10874. It was found that ansible.cfg is being read from the current working directory, which can be...

7.8CVSS6.8AI score0.00587EPSS
Exploits0References4
OSV
OSVadded 2018/11/09 5:49 p.m.0 views

GHSA-3RH7-VM4X-Q2HP sqlserver is malware

The sqlserver package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security conce...

7.5CVSS5.8AI score0.01123EPSS
Exploits0References3
Github Security Blog
Github Security Blogadded 2018/11/09 5:49 p.m.17 views

sqlserver is malware

The sqlserver package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security conce...

7.5CVSS7.3AI score0.01123EPSS
Exploits0References3Affected Software1
OSV
OSVadded 2018/11/09 5:43 p.m.13 views

GHSA-9FG5-F5PJ-RWCC gruntcli is malware

The gruntcli package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security concer...

7.5CVSS7.6AI score0.01123EPSS
Exploits0References3
Github Security Blog
Github Security Blogadded 2018/11/09 5:43 p.m.24 views

gruntcli is malware

The gruntcli package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security concer...

7.5CVSS7.3AI score0.01123EPSS
Exploits0References3Affected Software1
OSV
OSVadded 2018/11/09 5:43 p.m.13 views

GHSA-3P8F-J2VW-7HW9 mssql-node is malware

The mssql-node package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this module is malware, if you find it installed in your environment, the real security conce...

7.5CVSS7.6AI score0.01123EPSS
Exploits0References3
Github Security Blog
Github Security Blogadded 2018/11/09 5:43 p.m.24 views

mssql-node is malware

The mssql-node package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this module is malware, if you find it installed in your environment, the real security conce...

7.5CVSS7.3AI score0.01123EPSS
Exploits0References3Affected Software1
OSV
OSVadded 2018/11/09 5:43 p.m.16 views

GHSA-5MHV-9QW8-J63G mssql.js is malware

The mssql.js package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security concer...

7.5CVSS7.6AI score0.01123EPSS
Exploits0References3
Github Security Blog
Github Security Blogadded 2018/11/09 5:43 p.m.26 views

mssql.js is malware

The mssql.js package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security concer...

7.5CVSS7.3AI score0.01123EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blogadded 2018/11/09 5:42 p.m.22 views

nodemssql is malware

The nodemssql package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security conce...

7.5CVSS7.3AI score0.01123EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder